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DETAILED ACTION 
Claim Rejections - 35 USC § 112 

The following is a quotation of the second paragraph of 35 U.S.C. 1 12: 

The specification shall conclude with one or more claims particularly pointing out and distinctly 
claiming the subject matter which the applicant regards as his invention. 

1 . Claim 3 recites the limitation "the special purpose processor" in line 1 . There is 
insufficient antecedent basis for this limitation in the claim. 

Claim Rejections - 35 USC § 102 

The following is a quotation of the appropriate paragraphs of 35 U.S.C. 102 that 
form the basis for the rejections under this section made in this Office action: 

A person shall be entitled to a patent unless - 

(e) the invention was described in (1) an application for patent, published under section 122(b), by 
another filed in the United States before the invention by the applicant for patent or (2) a patent 
granted on an application for patent by another filed in the United States before the invention by the 
applicant for patent, except that an international application filed under the treaty defined in section 
351 (a) shall have the effects for purposes of this subsection of an application filed in the United States 
only if the international application designated the United States and was published under Article 21(2) 
of such treaty in the English language. 

2. Claims 1-2,6-9,18-20 are rejected under 35 U.S.C. 102(e) as being anticipated 
by Radatti et al. (US PgPub 2001/0042214). 

3. As per claim 1 , Radatti discloses a device for managing network traffic flow, the 
device comprising: a processor, the processor configured to 

receive network traffic content, 

determine whether a protocol of the network traffic content matches a prescribed 
protocol of network traffic content that could contain content desired to be detected 
(paragraph [0016] and [0035]), and 
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store the network traffic content in a stack when the protocol of the network traffic 
content matches the prescribed protocol (paragraph [0037] wherein it is necessary for 
the protocol scanner to store the traffic content in a stack while it is being 
processed/analyzed). 

4. As per claim 2, Radatti discloses the device of claim 1 , wherein the processor 
comprises a general purpose processor (see paragraph [0024]). 

5. As per claim 6, Radatti discloses the device of claim 1 , wherein the processor is 
further configured to send the network traffic content to a user when the protocol of the 
network traffic content does not match the prescribed protocol (paragraph [001 7[). 

6. As per claim 7, Radatti discloses the device of claim 1 , further comprising the 
stack ([paragraph [0035] wherein it is necessary that the processor comprise the stack 
for storing the code while it is being processed). 

7. As per claim 8, Radatti discloses the device of claim 7, wherein the stack is 
implemented in the processor or in another processor (paragraph [0035] see rejection 
above). 

8. As perclaim 9, Radatti discloses the device of claim 8, wherein the stack is 
configured to store network traffic content in accordance with the protocol of the network 
traffic content (paragraph [0035] wherein the network traffic is stored and processed as 
it is received from the communications stream and then returned to the original stream 
in accordance with the proscribed protocol thus necessitating that it is stored in 
accordance with the protocol). 
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9. As per claim 18, discloses the device of claim 1 , wherein the content desired to 
be detected is selected from the group consisting of a virus, a worm, a web content, a 
Trojan agent, an email spam, and a packet transmitted by a hacker (paragraph [0004]). 

10. Claim 19 is rejected because it discloses similar subject matter as claim 1 . 

1 1 . Claim 20 is rejected because it discloses similar subject matter as claim 9. 

Claim Rejections - 35 USC § 103 
The following is a quotation of 35 U.S.C. 103(a) which forms the basis for all 
obviousness rejections set forth in this Office action: 

(a) A patent may not be obtained though the invention is not identically disclosed or described as set 
forth in section 102 of this title, if the differences between the subject matter sought to be patented and 
the prior art are such that the subject matter as a whole would have been obvious at the time the 
invention was made to a person having ordinary skill in the art to which said subject matter pertains. 
Patentability shall not be negatived by the manner in which the invention was made. 

12. Claims 3-5,10-17,21-31 are rejected under 35 U.S.C. 103(a) as being 
unpatentable over Radatti et al. 

13. As per claim 3, Radatti discloses the device of claim 1 , but does not disclose 
wherein the special purpose processor comprises an ASIC processor. 

The Examiner notes that is common and well known in the art to use ASIC 
processors for performing a specific function. 

It would be obvious to one of ordinary skill in the art to perform the function of 
Radatti using an ASIC processor since they are well known and very commonly used. 
Motivation for one of ordinary skill in the art to use an ASIC processor would be to 
implement a processor that performs a specific function such as is desired in Radatti as 
would be well known to one of ordinary skill in the art. 
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14. As per claim 4, Radatti discloses the device of claim 3, wherein the ASIC 
processor is a semi-custom ASIC processor. 

The Examiner notes that it is obvious in view of the above rejection to implement 
the processor wherein it is a semi-custom processor. 

15. As per claim 5, Radatti discloses the device of claim 3, wherein the ASIC 
processor is a programmable ASIC processor (see rejection above). 

16. As per claim 10, Radatti discloses the device of claim 1 , further comprising a 
memory; 

wherein the processor is further configured to 

send at least a portion of the network traffic content to the memory when the 
protocol of the network traffic content matches the prescribed protocol, 

send the network traffic content to a module, the module configured to determine 
whether the network traffic content contains content desired to be detected 

assemble the at least a portion of the network traffic content with the rest of the 
network traffic content, and transmit the network traffic content to a user when it is 
determined that the network traffic content does not contain the content desired to be 
detected((paragraph [0037]). 

Radatti does not disclose wherein the processor is configured to send a copy of 
the network traffic content to a module. 

The Examiner notes that it is common practice in the art and thus would be 
obvious to one of ordinary skill in the art to transmit a copy of the intercepted data to a 
module. 
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Motivation for one of ordinary skill in the art to send a copy would be such that 
the scanner generally conducts transformations on the code to determine if matches 
with desired code, thus upon completion of the transformations if the code is deemed 
safe there is no need to reform the code to send back to the stream since the original 
code is stored in the memory, as is well known and practiced by one of ordinary skill in 
the art. 

17. As per claim 1 1 , Radatti discloses the device of claim 1 0, further comprising the 
module (paragraph [0037). 

18. As per claim 12, Radatti discloses the device of claim 11, wherein the module is 
implemented in the processor (paragraph [0037]). 

1 9. As per claim 1 3, Radatti discloses the device of claim 1 1 , wherein the module is 
implemented in an ASIC processor (see the rejection to claim 3). 

20. As per claim 14, discloses the device of claim 1 , further comprising a memory; 
wherein the processor is further configured to 

flag the network traffic content when the protocol of the network traffic content 
matches the prescribed protocol, 

send the flagged network traffic content to the memory, 

send a copy of the network traffic content to a module, the module configured to 
determine whether the network traffic content contain content desired to be detected, 
and 

transmit the network traffic content to a user when it is determined that the 
network traffic content does not contain the content desired to be detected (paragraph 
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[0037] see also the rejection to claim 10, wherein the determination of protocol scanner 
to transmit the code to the proscribed code scanner is effectively flagging the data). 

21 . As per claim 1 5, Radatti discloses the device of claim 14, further comprising the 
module (see claim 11). 

22. As per claim 16, Radatti discloses the device of claim 15, wherein the module is 
implemented in the processor (see claim 12). 

23. As per claim 17, Radatti discloses the device of claim 1 5, wherein the module is 
implemented in an ASIC processor (see claim 1 3). 

24. Claim 21 is rejected because it discloses similar subject matter to claim 10. 

25. Claim 22 is rejected because it discloses similar subject matter to claim 14. 

26. As per claim 23, Radatti discloses a device for managing network traffic flow, the 
device comprising: a first processor, the first processor configured to 

receive network traffic content, 

send at least a portion of the network traffic content to a memory, and 
send a copy of the network traffic content to a second processor, the second 
processor configured to determine whether the network traffic content contains Content 
desired to be detected (paragraph [0035]). 

The Examiner notes that Radatti discloses the protocol scanner and the code 
scanner as two separate and distinct processes, but does not explicitly state that the 
processes are performed in separate processors. However, it is commonly practiced in 
the art to implement special purpose processors for performing set functions, thus it 
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would be obvious for one of ordinary skill in the art to implement a first and second 
processor for carrying put the two distinct processes. 

Motivation for one of ordinary skill in the art to include a second processor would 
be to implement a processor with a specialized function to carry out the process, as is 
commonly performed in the art. 

27. As per claim 24, Radatti discloses the device of claim 23, wherein the first 
processor is further configured to assemble the at least a portion of the network traffic 
content with the rest of the network traffic content, and cause the network traffic content 
to be transmitted to a user when it is determined that the network traffic content does 
not contain the content desired to be detected (paragraph [0033]). 

28. Claim 25 is rejected because it discloses similar subject matter as claim 10. 

29. Claim 26 is rejected because it discloses similar subject matter as claim 10. 

30. As per claim 27, Radatti discloses a device for managing network traffic flow, the 
device comprising: a first processor, the first processor configured to 

receive network traffic content, 
flag the network traffic content, 

send the flagged network traffic content to a module, the module configured to 
pass unflagged data to a user and prevent flagged data from being sent to the user, and 
send a copy of the network traffic content to a second processor, the second processor 
configured to determine whether the network traffic content contains content desired to 
be detected (see rejection to claim 14 and 23 wherein the data is effectively flagged as 
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it is transmitted to the proscribed code scanner and the unflagged data is passed back 
to the communications stream). 

31 . As per claim 28, Radatti discloses the device of claim 27, wherein the first 
processor is further configured to transmit the network traffic content to a user when it is 
determined that the network traffic content does not contain the content desired to be 
detected (paragraph [0033]). 

32. As per claim 29, Radatti discloses the device of claim 27, wherein the module 
comprises a memory, a buffer, or at least a portion of a processor (paragraph [0033]). 

33. Claim 30 is rejected because it discloses similar subject matter to claim 27. 

34. Claim 31 is rejected because it discloses similar subject matter to claim 28. 

Conclusion 

Any inquiry concerning this communication or earlier communications from the 
examiner should be directed to Brandon S. Bludau whose telephone number is 571- 
272-3722. The examiner can normally be reached on Monday -Friday 8:00-5:30. 

If attempts to reach the examiner by telephone are unsuccessful, the examiner's 
supervisor, Gilberto Barron can be reached on 571-272-3799. The fax phone number 
for the organization where this application or proceeding is assigned is 571-273-8300. 
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Information regarding the status of an application may be obtained from the 
Patent Application Information Retrieval (PAIR) system. Status information for 
published applications may be obtained from either Private PAIR or Public PAIR. 
Status information for unpublished applications is available through Private PAIR only. 
For more information about the PAIR system, see http://pair-direct.uspto.gov. Should 
you have questions on access to the Private PAIR system, contact the Electronic 
Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a 
USPTO Customer Service Representative or access to the automated information 
system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000. 
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